Sectigo root and intermediate certificates expiration Print

  • 1

The problem

Some of the intermediate certificates on the Sectigo/Comodo certification path are about to expire on May 30 at 10am UTC. Here you have Sectigo document: Sectigo AddTrust External CA Root Expiring May 30, 2020

The workaround

If you relay on updated clients, you don't need to do anything, they will use their local trusted store and disregard whatever you are sending on the certificate chain, as a matter of fact, you can remove the expired certificates from the chain as they are no longer valid and reduce the amount of bytes you'll send on the TLS handshake.

The quick solution

But if you need to support legacy clients, that our testing shows that a PlayStation 4 is indeed a legacy system, you'll need to change the chain and replace the expired certificates with one of the AAA cross certificates

AAA Certificate Services - cross-certificates:

The "no compromises" solution

Or if you want to be sure to reach all your audience on a very legacy systems, for example old Samsung and LG Smart TVs, where AAA Certificate Services is not on their trusted store, as one of our customers faced, we have arranged a promotion with DigiCert to provide certificates signed without loosing any day on your current certificate. That's it, if you have one of the elegible certificates (Comodo/Sectigo is one of them), we will add any remaining time to the new certificate.

A RapidSSL wildcard certificate is only 99.95 EUR/yr 

Let's say that your certificate has 6 months remaining, you'll pay for 1 year and the certificate will be signed for a year and a half. More details here: Switch to DigiCert SSL

As always, in case of any doubt, raise a ticket with us.



Was this answer helpful?

« Back